diff options
| author | sobomax <sobomax@FreeBSD.org> | 2005-02-13 17:37:20 +0000 |
|---|---|---|
| committer | sobomax <sobomax@FreeBSD.org> | 2005-02-13 17:37:20 +0000 |
| commit | 52ae2ac0b9537da952af95dbcdec320bb0fde83b (patch) | |
| tree | de46110994a0c19fc18c0e1c594389839015456e /sys/kern/kern_prot.c | |
| parent | 29d152dbfd1048f4b7757558292eb64dc98f0d8b (diff) | |
| download | FreeBSD-src-52ae2ac0b9537da952af95dbcdec320bb0fde83b.zip FreeBSD-src-52ae2ac0b9537da952af95dbcdec320bb0fde83b.tar.gz | |
Backout previous change (disabling of security checks for signals delivered
in emulation layers), since it appears to be too broad.
Requested by: rwatson
Diffstat (limited to 'sys/kern/kern_prot.c')
| -rw-r--r-- | sys/kern/kern_prot.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index d989ab3..21f277f 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1427,7 +1427,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, conservative_signals, CTLFLAG_RW, * References: cred and proc must be valid for the lifetime of the call. */ int -cr_cansignal(struct ucred *cred, struct proc *proc, int signum, int pedantic) +cr_cansignal(struct ucred *cred, struct proc *proc, int signum) { int error; @@ -1453,7 +1453,7 @@ cr_cansignal(struct ucred *cred, struct proc *proc, int signum, int pedantic) * bit on the target process. If the bit is set, then additional * restrictions are placed on the set of available signals. */ - if (conservative_signals && (proc->p_flag & P_SUGID) && pedantic) { + if (conservative_signals && (proc->p_flag & P_SUGID)) { switch (signum) { case 0: case SIGKILL: @@ -1467,6 +1467,7 @@ cr_cansignal(struct ucred *cred, struct proc *proc, int signum, int pedantic) case SIGHUP: case SIGUSR1: case SIGUSR2: + case SIGTHR: /* * Generally, permit job and terminal control * signals. @@ -1507,7 +1508,7 @@ cr_cansignal(struct ucred *cred, struct proc *proc, int signum, int pedantic) * References: td and p must be valid for the lifetime of the call */ int -p_cansignal(struct thread *td, struct proc *p, int signum, int pedantic) +p_cansignal(struct thread *td, struct proc *p, int signum) { KASSERT(td == curthread, ("%s: td not curthread", __func__)); @@ -1524,7 +1525,7 @@ p_cansignal(struct thread *td, struct proc *p, int signum, int pedantic) if (signum == SIGCONT && td->td_proc->p_session == p->p_session) return (0); - return (cr_cansignal(td->td_ucred, p, signum, pedantic)); + return (cr_cansignal(td->td_ucred, p, signum)); } /*- |
